ProHoster > Blog > Utongi > Raspberry Pi + CentOS = Wi-Fi Hotspot (kana raspberry router yakapfeka ngowani tsvuku)

Raspberry Pi + CentOS = Wi-Fi Hotspot (kana raspberry router yakapfeka ngowani tsvuku)

Pane huwandu hukuru hweruzivo paInternet pakugadzira nzvimbo dzeWi-Fi dzekuwana zvichibva paRaspberry single-board PC. Sezvo mutemo, izvi zvinoreva kushandisa iyo Raspbian inoshanda sisitimu yekuzvarwa kuRaspberry.

Sezvo ndiri muteveri wemasystem akavakirwa paRPM, ndaisagona kupfuura chishamiso ichi chidiki uye kusaedza chandinoda pachiri CentOS.

Chinyorwa chino chinopa mirairo yekuti ungagadzira sei router ye5GHz/AC Wi-Fi kubva kuRaspberry Pi 3 Model B+ inoshandisa system yekushandisa. CentOSPachava nemanomano akati wandei, asi asinganyanyo zivikanwa, uye sebhonasi, dhayagiramu yekubatanidza mimwe michina yeWi-Fi kuRaspberry Pi, ichiibvumira kushanda nenzira dzakawanda (2,4 + 5 GHz) panguva imwe chete.

Raspberry Pi + CentOS = Wi-Fi Hotspot (kana raspberry router yakapfeka ngowani tsvuku)
(musanganiswa wemifananidzo inowanikwa pachena)

Ngationei ipapo ipapo kuti mamwe mavheti emuchadenga haashande. Ini ndinosvina huwandu hwe100 Mbps kubva muRaspberry yangu pamusoro pemhepo, uye izvi zvinovhara kumhanya kwemupi weInternet. Sei uchida ine usimbe AC, kana mune dzidziso unogona kuwana hafu yegigabit kunyange paN? Kana iwe wakazvibvunza mubvunzo uyu, zvino enda kuchitoro kunotenga router chaiyo ine masere ekunze antennas.

0. Zvauchazoda

  • Chaizvoizvo, iyo "raspberry chigadzirwa" pachayo ndeye caliber: Pi 3 Model B + (kuzadzisa inoshuvira 5GHz kumhanya uye chiteshi);
  • yakanaka microSD> = 4GB;
  • Nzvimbo yekushandira ine Linux uye muverengi/munyori wemicroSD;
  • Kuva nehunyanzvi hwakakwana mu Linux, chinyorwa - cheGeek yakagadzirirwa;
  • Kubatana kwenetwork ine waya (eth0) pakati peRaspberry ne Linux, sevha yeDHCP inoshanda pane network yemuno uye mukana wekuwana internet kubva kumidziyo yese miviri.

Mhinduro diki pane yekupedzisira poindi. "Ndeipi yakauya pakutanga, zai kana ..." maitiro ekugadzira Wi-Fi router mukushayikwa kwemidziyo yeInternet? Ngatisiyei ichi chinonakidza chiitiko kunze kwechikamu chechinyorwa uye tongofunga kuti Raspberry yakabatana kune yemunharaunda network newaya uye inokwanisa kuwana Internet. Muchiitiko ichi, hatizodi imwe TV uye manipulator kuti tigadzire "raspberry".

1. Kuiswa CentOS

Peji yekumba yeprojekiti

Panguva yekunyora chinyorwa chino, shanduro inoshanda CentOS Chishandiso ichi chinoshandisa 32-bit. Pane imwe nzvimbo paindaneti, ndakasangana nemishumo yekuti mashandiro ema operating system akadaro pa 64-bit ARM architecture anoderera ne20%. Ndichasiya izvozvo ndisina kutaura.

pamusoro Linux-dhawunirodha mufananidzo mudiki uchishandisa kernel "-RaspberryPI-"uye nyora kune microSD:

# xzcat CentOS-Userland-7-armv7hl-RaspberryPI-Minimal-1810-sda.raw.xz | 
  dd of=/dev/mmcblk0 bs=4M
# sync

Tisati tashandisa mufananidzo, tichabvisa chikamu cheSWAP kubva pachiri, towedzera mudzi kusvika pahuwandu hwese huripo uye tobvisa SELinuxMaitiro acho ari nyore: tinogadzira kopi yemudzi pa Linux, bvisa zvikamu zvese kubva ku microSD kunze kweyekutanga (/boot), gadzira mudzi mutsva wodzorera zviri mukati mayo kubva pakopi.

Muenzaniso wezviito zvinodiwa (yakaoma console kubuda)

# mount /dev/mmcblk0p3 /mnt
# cd /mnt
# tar cfz ~/pi.tgz . --no-selinux
# cd
# umount /mnt


# parted /dev/mmcblk0

(parted) unit s
(parted) print free
Model: SD SC16G (sd/mmc)
Disk /dev/mmcblk0: 31116288s
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:

Number  Start     End        Size       Type     File system     Flags
        63s       2047s      1985s               Free Space
 1      2048s     1370111s   1368064s   primary  fat32           boot, lba
 2      1370112s  2369535s   999424s    primary  linux-swap(v1)
 3      2369536s  5298175s   2928640s   primary  ext4
        5298176s  31116287s  25818112s           Free Space

(parted) rm 3
(parted) rm 2

(parted) print free
Model: SD SC16G (sd/mmc)
Disk /dev/mmcblk0: 31116288s
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:

Number  Start     End        Size       Type     File system  Flags
        63s       2047s      1985s               Free Space
 1      2048s     1370111s   1368064s   primary  fat32        boot, lba
        1370112s  31116287s  29746176s           Free Space

(parted) mkpart
Partition type?  primary/extended? primary
File system type?  [ext2]? ext4
Start? 1370112s
End? 31116287s

(parted) set
Partition number? 2
Flag to Invert? lba
New state?  on/[off]? off

(parted) print free
Model: SD SC16G (sd/mmc)
Disk /dev/mmcblk0: 31116288s
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:

Number  Start     End        Size       Type     File system  Flags
        63s       2047s      1985s               Free Space
 1      2048s     1370111s   1368064s   primary  fat32        boot, lba
 2      1370112s  31116287s  29746176s  primary  ext4

(parted) quit


# mkfs.ext4 /dev/mmcblk0p2 
mke2fs 1.44.6 (5-Mar-2019)
/dev/mmcblk0p2 contains a swap file system labelled '_swap'
Proceed anyway? (y,N) y
Discarding device blocks: done                            
Creating filesystem with 3718272 4k blocks and 930240 inodes
Filesystem UUID: 6a1a0694-8196-4724-a58d-edde1f189b31
Superblock backups stored on blocks: 
	32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208

Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done   

# mount /dev/mmcblk0p2 /mnt
# tar xfz ~/pi.tgz -C /mnt --no-selinux

Mushure mekusunungura zviri mukati memudziyo wekuparadzanisa, inguva yekuita shanduko pairi.

Dzima SELinux в /mnt/etc/selinux/config:

SELINUX=disabled

Kugadzirisa /mnt/etc/fstab, tichisiya manyorerwo maviri chete nezvezvikamu: boot (/boot, isina kuchinja) uye root (tinochinja kukosha kweUUID, izvo zvinogona kuwanikwa nekuongorora kubuda kwemurairo we blkid pa Linux-e):

UUID=6a1a0694-8196-4724-a58d-edde1f189b31  /     ext4    defaults,noatime 0 0
UUID=6938-F4F2                             /boot vfat    defaults,noatime 0 0

Pakupedzisira, isu tinoshandura kernel boot parameters: tinotsanangura nzvimbo itsva yemudziyo wekuparadzanisa, kudzima kuburitsa kweruzivo rwekugadzirisa uye (nekuda) kurambidza kernel kugovera IPv6 kero pane network interfaces:

# cd
# umount /mnt
# mount /dev/mmcblk0p1 /mnt

Hezvino zviri mukati /mnt/cmdline.txt kune inotevera fomu (mutsetse mumwe usina hyphens):

root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline rootwait quiet ipv6.disable_ipv6=1

Zvaitwa:

# cd
# umount /mnt
# sync

Tinoisa microSD muRaspberry Pi, toivhura towana mukana wekushandisa network kuburikidza ne ssh (root/centos).

2. Setup CentOS

Matatu ekutanga asingazungunuke mafambiro: passwd, yum -y update, reboot.

Isu tinopa kure network management networkd:

# yum install systemd-networkd
# systemctl enable systemd-networkd
# systemctl disable NetworkManager
# chkconfig network off

Gadzira faira (pamwe chete nemadhairekitori) /etc/systemd/network/eth0.network:

[Match]
Name=eth0

[Network]
DHCP=ipv4

Isu tinotangazve "raspberry" uye zvakare kuwana network yekuwana nayo kuburikidza ne ssh (iyo IP kero inogona kuchinja). Chenjerera kune zvinoshandiswa /etc/resolv.conf, yakagadzirwa kare neNetwork Manager. Naizvozvo, kana paine matambudziko nekugadziriswa, gadzirisa zvirimo. Shandisa systemd-yakagadziriswa hatizodaro.

Isu tinobvisa "zvisina basa", gadzirisa uye nekumhanyisa kurodha kweOS:

# systemctl set-default multi-user.target
# yum remove GeoIP Network* aic* alsa* cloud-utils-growpart 
  cronie* dhc* firewal* initscripts iwl* kexec* logrotate 
  postfix rsyslog selinux-pol* teamd wpa_supplicant

Ndiani anoda cron they uye ndiani asingagaye zvakavakwa systemd timers, anogona kuona kuti chii chisipo. / var / log- uye tarisa mutori. Kana iwe uchida nhoroondo yelogi (nekusarudzika, ruzivo rwunochengetwa chete kubva panotanga system):

# mkdir /var/log/journal
# systemd-tmpfiles --create --prefix /var/log/journal
# systemctl restart systemd-journald
# vi /etc/systemd/journald.conf

Dzima kushandiswa kweIPv6 nemasevhisi ekutanga (kana zvichidikanwa)/ etc / ssh / sshd_config:

AddressFamily inet

/etc/sysconfig/chronyd:

OPTIONS="-4"

Kukosha kwenguva pa "raspberry" chinhu chakakosha. Sezvo kunze kwebhokisi pasina hunyanzvi hwehudhivhari hwekuchengetedza iyo ikozvino mamiriro ewachi paunotangazve, kuwiriranisa kunodiwa. Daemon yakanaka kwazvo uye inokurumidza yeiyi chrony - yakatoiswa uye inotanga otomatiki. Unogona kushandura maseva eNTP kune ari pedyo.

/etc/chrony.conf:

server 0.ru.pool.ntp.org iburst
server 1.ru.pool.ntp.org iburst
server 2.ru.pool.ntp.org iburst
server 3.ru.pool.ntp.org iburst

Kuseta nguva yenguva yatichashandisa trick. Sezvo chinangwa chedu chiri chekugadzira Wi-Fi router inoshanda pa5GHz frequencies, isu tichagadzirira zvinoshamisa pamberi. mutongi:

# yum info crda
Pfupiso: Regulatory kutevedzera daemon ye802.11 isina waya network

Iyi dhizaini yakaipa, zvakare yakavakirwa pane yenguva, "inorambidza" kushandiswa (muRussia) kwe5GHz mafrequency nemachaneli ane "pamusoro" nhamba. Uchenjeri hwekumisa nzvimbo yenguva usingashandisi mazita emakondinendi/maguta, kureva, pachinzvimbo che:

# timedatectl set-timezone Europe/Moscow

Tinodzvanya:

# timedatectl set-timezone Etc/GMT-3

Uye iyo yekupedzisira kubata kune bvudzi reiyo system:

# hostnamectl set-hostname router

/root/.bash_profile:

. . .

# User specific environment and startup programs

export PROMPT_COMMAND="vcgencmd measure_temp"
export LANG=en_US.UTF-8
export PATH=$PATH:$HOME/bin

3. Kuwedzera CentOS

Zvese zvataurwa pamusoro apa zvinogona kutorwa semurairo wakakwana wekuisa "vanilla" CentOS paRaspberry Pi. Unofanira kuguma uine PC inodzosazve mukati memasekonzi gumi, inoshandisa RAM isingasviki 15 megabytes, uye microSD card 1.5 gigabytes (chaizvoizvo, isingasviki 1 gigabyte nekuda kwe /boot isina kukwana, asi ngativei vakatendeseka).

Kuti uise software yeWi-Fi access point pane iyi system, uchafanirwa kuwedzera zvishoma kugona kwekushandisa standard distribution. CentOSKutanga, ngatigadzirisei dhiraivha (firmware) yeadapta yeWi-Fi yakavakirwa mukati. Peji rekutanga repurojekiti rinoti:

Wifi paRaspberry 3B uye 3B+

Mafaira eRaspberry PI 3B/3B+ firmware haatenderwe kugoverwa ne CentOS Purojekiti. Unogona kushandisa zvinyorwa zvinotevera kuti unzwisise dambudziko, uwane firmware uye ugadzirise wifi.

Izvo zvisingatenderwi kuitwa neprojekiti CentOS, saka hatirambidzwi kuishandisa pachedu. Tiri kutsiva firmware yeWi-Fi inogoverwa mu CentOS kune inoenderana kubva kuvagadziri veBroadcom (mabhurobhu akafanana anovengwa ebhinari...). Izvi, kunyanya, zvichaita kuti AC ishandiswe mu access point mode.

Wi-Fi firmware upgradeTsvaga iyo modhi yemudziyo uye yazvino firmware vhezheni:

# journalctl | grep $(basename $(readlink /sys/class/net/wlan0/device/driver))
Jan 01 04:00:03 router kernel: brcmfmac: F1 signature read @0x18000000=0x15264345
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_fw_map_chip_to_name: using brcm/brcmfmac43455-sdio.bin for chip 0x004345(17221) rev 0x000006
Jan 01 04:00:03 router kernel: usbcore: registered new interface driver brcmfmac
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: Firmware version = wl0: Mar  1 2015 07:29:38 version 7.45.18 (r538002) FWID 01-6a2c8ad4
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: CLM version = API: 12.2 Data: 7.14.8 Compiler: 1.24.9 ClmImport: 1.24.9 Creation: 2014-09-02 03:05:33 Inc Data: 7.17.1 Inc Compiler: 1.26.11 Inc ClmImport: 1.26.11 Creation: 2015-03-01 07:22:34

Isu tinoona kuti iyo firmware vhezheni ndeye 7.45.18 yemusi 01.03.2015/XNUMX/XNUMX, uye rangarira inotevera seti yenhamba: 43455 (brcmfmac43455-sdio.bin).

Dhawunirodha ikozvino Raspbian mufananidzoAvo vane usimbe vanogona kupisa mufananidzo kuita microSD vobvisa mafaira efirmware kubva ipapo. Neimwe nzira, unogona kuisa mudzi wemufananidzo mukati Linux uye kopi zvaunoda kubva ipapo:

# wget https://downloads.raspberrypi.org/raspbian_lite_latest
# unzip -p raspbian_lite_latest > raspbian.img
# fdisk -l raspbian.img
Disk raspbian.img: 2 GiB, 2197815296 bytes, 4292608 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x17869b7d

Device        Boot  Start     End Sectors  Size Id Type
raspbian.img1        8192  532480  524289  256M  c W95 FAT32 (LBA)
raspbian.img2      540672 4292607 3751936  1.8G 83 Linux

# mount -t ext4 -o loop,offset=$((540672 * 512)) raspbian.img /mnt
# cp -fv /mnt/lib/firmware/brcm/*43455* ...
'/mnt/lib/firmware/brcm/brcmfmac43455-sdio.bin' -> ...
'/mnt/lib/firmware/brcm/brcmfmac43455-sdio.clm_blob' -> ...
'/mnt/lib/firmware/brcm/brcmfmac43455-sdio.txt' -> ...
# umount /mnt

Iyo inoguma Wi-Fi adapta firmware mafaera anofanirwa kukopwa uye kutsiviwa ne "raspberry" mudhairekitori /usr/lib/firmware/brcm/

Isu tinotangazve remangwana router uye kunyemwerera nekugutsikana:

# journalctl | grep $(basename $(readlink /sys/class/net/wlan0/device/driver))
Jan 01 04:00:03 router kernel: brcmfmac: F1 signature read @0x18000000=0x15264345
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_fw_map_chip_to_name: using brcm/brcmfmac43455-sdio.bin for chip 0x004345(17221) rev 0x000006
Jan 01 04:00:03 router kernel: usbcore: registered new interface driver brcmfmac
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: Firmware version = wl0: Feb 27 2018 03:15:32 version 7.45.154 (r684107 CY) FWID 01-4fbe0b04
Jan 01 04:00:03 router kernel: brcmfmac: brcmf_c_preinit_dcmds: CLM version = API: 12.2 Data: 9.10.105 Compiler: 1.29.4 ClmImport: 1.36.3 Creation: 2018-03-09 18:56:28

Shanduro: 7.45.154 yakaitwa 27.02.2018/XNUMX/XNUMX.

Uye zvechokwadi EPEL:

# cat > /etc/yum.repos.d/epel.repo << EOF
[epel]
name=Epel rebuild for armhfp
baseurl=https://armv7.dev.centos.org/repodir/epel-pass-1/
enabled=1
gpgcheck=0
EOF

# yum clean all
# rm -rfv /var/cache/yum
# yum update

4. Network configuration uye matambudziko mberi

Sezvatakabvumirana pamusoro apa, "raspberry" yakabatanidzwa ne "waya" kune network yemunharaunda. Ngatifungei kuti mupi anopa mukana weInternet nenzira imwecheteyo: kero paruzhinji network inopihwa zvine simba neDHCP server (pamwe ine MAC inosunga). Muchiitiko ichi, mushure mekugadzirisa kwekupedzisira kwe raspberry, iwe unongoda "kuvhara" tambo yemupi mairi uye wapedza. Mvumo uchishandisa systemd-networkd - musoro wechinyorwa chakasiyana uye hauna kukurukurwa pano.

Raspberry's Wi-Fi interface(s) inzvimbo yenzvimbo, uye yakavakirwa-mukati Ethernet adapta (eth0) ndeyekunze. Ngativerengei network yemuno statically, semuenzaniso: 192.168.0.0/24. Raspberry kero: 192.168.0.1. Sevha yeDHCP ichashanda pane network yekunze (Internet).

Dambudziko rekusagadzikana и ane mukurumbira Guatemalan programmer - matambudziko maviri akamirira chero munhu anogadzirisa network interfaces uye masevhisi mune systemd kugovera.

Parallel chaos (lyrical digression)Lennart Pottering yakanyora purogiramu yayo systemd Kugona chose. Izvi systemd vanotangisa zvimwe zvirongwa nekukasira zvekuti ivo vasina nguva yekupora pakuridza muridzo nemuridzo, vanogumburwa nekudonha pakutanga vasina kana kutanga nzira yavo yezvipingaidzo.

Asi zvakakomba, kuenzanirana kwehasha kwemaitiro akatangwa pakutanga kweiyo systemd OS imhando ye "dhongi zambuko" kune vane ruzivo vakatevedzana veLSB nyanzvi. Neraki, kuunza kurongeka kune iyi "parallel chaos" inoshanduka kuve nyore, kunyangwe isiri pachena nguva dzose.

Isu tinogadzira maviri chaiwo mabhiriji ekusangana ane anogara aine mazita: Lan и wan. Isu "tichabatanidza" iyo Wi-Fi adapta (s) kune yekutanga, uye eth0 "raspberry" kune yechipiri.

/etc/systemd/network/lan.netdev:

[NetDev]
Name=lan
Kind=bridge

/etc/systemd/network/lan.network:

[Match]
Name=lan

[Network]
Address=192.168.0.1/24
IPForward=yes

/etc/systemd/network/wan.netdev:

[NetDev]
Name=wan
Kind=bridge
#MACAddress=xx:xx:xx:xx:xx:xx

/etc/systemd/network/wan.network:

[Match]
Name=wan

[Network]
DHCP=ipv4
IPForward=yes

IPForward=hongu inobvisa kukosha kwekunongedza kernel kuburikidza ne sysctl kuti igone kuitisa.
MACAaddress= Ngatisiyanei uye tishandure kana zvichidikanwa.

Kutanga isu "tinobatanidza" eth0. Isu tinorangarira "dambudziko rakafanana" uye tinoshandisa chete kero yeMAC yeiyi interface, yaunogona kuziva, semuenzaniso, seizvi:

# cat /sys/class/net/eth0/address

Isu tinosika /etc/systemd/network/eth.network:

[Match]
MACAddress=b8:27:eb:xx:xx:xx

[Network]
Bridge=wan

Isu tinodzima iyo yapfuura faira yekumisikidza eth0, tangazve iyo Raspberry uye uwane network yekuwana mairi (iyo IP kero ingangochinja):

# rm -fv /etc/systemd/network/eth0.network
# reboot

5.DNSMASQ

Pakugadzira maWi-Fi mapoinzi, hapana chinokunda vaviri vanotapira dnsmasq + hostapd handisati ndazvinzwisisa. Mukufunga kwangu.

Kana munhu akakanganwa, ipapo ...hostapd - ichi ndicho chinhu chinodzora Wi-Fi adapters (kunyanya, ichatarisira kuvabatanidza kune chaiyo. Lan "raspberries"), inobvumira uye inonyoresa vatengi vasina waya.

dnsmasq - inogadzirisa network stack yevatengi: nyaya IP kero, DNS maseva, default gedhi uye zvakafanana zvinofadza.

Ngatitangei ne dnsmasq:

# yum install dnsmasq

Template /etc/resolv.conf:

nameserver 1.1.1.1
nameserver 1.0.0.1
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 77.88.8.8
nameserver 77.88.8.1
domain router.local
search router.local

gadzirisa sezvaunoda.

minimalistic /etc/dnsmasq.conf:

domain-needed
bogus-priv
interface=lan
bind-dynamic
expand-hosts
domain=#
dhcp-range=192.168.0.100,192.168.0.199,255.255.255.0,24h
conf-dir=/etc/dnsmasq.d

Iwo "mashiripiti" pano ari muparameter bind-dynamic, iyo inoudza dnsmasq daemon kuti imirire kusvika yaonekwa pane system interface=lan, uye kwete kupera simba nokusurukirwa kwokuzvikudza pashure pokutanga.

# systemctl enable dnsmasq
# systemctl start dnsmasq; journalctl -f

6. HOSTAPD

Uye pakupedzisira, iyo mashiripiti hostapd zvigadziriso. Ini handina kupokana kuti mumwe munhu ari kuverenga chinyorwa ichi achitsvaga chaizvo aya anokosheswa mitsara.

Usati waisa hostapd, unofanirwa kukunda "dambudziko rekufanana". Iyo yakavakirwa-mukati Wi-Fi adapta wlan0 inogona kushandura nyore zita rayo kuita wlan1 kana ichibatanidza yakawedzera USB Wi-Fi michina. Naizvozvo, isu tichagadzirisa mazita echiratidziro nenzira inotevera: isu tichauya nemazita akasiyana eiyo (isina waya) adapta uye tinoisunga kune MAC kero.

Kune yakavakirwa-mukati Wi-Fi adapta, iyo ichiri wlan0:

# cat /sys/class/net/wlan0/address 
b8:27:eb:xx:xx:xx

Isu tinosika /etc/systemd/network/wl0.link:

[Match]
MACAddress=b8:27:eb:xx:xx:xx

[Link]
Name=wl0

Zvino tichava nechokwadi kuti wl0 - Iyi yakavakirwa-mukati Wi-Fi. Isu tinotangazve Raspberry kuti tive nechokwadi cheizvi.

Isa:

# yum install hostapd wireless-tools

Configuration file /etc/hostapd/hostapd.conf:

ssid=rpi
wpa_passphrase=1234567890

channel=36

country_code=US

interface=wl0
bridge=lan

driver=nl80211

auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP

macaddr_acl=0

hw_mode=a
wmm_enabled=1

# N
ieee80211n=1
require_ht=1
ht_capab=[MAX-AMSDU-3839][HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]

# AC
ieee80211ac=1
require_vht=1
ieee80211d=0
ieee80211h=0
vht_capab=[MAX-AMSDU-3839][SHORT-GI-80]
vht_oper_chwidth=1
vht_oper_centr_freq_seg0_idx=42

Pasina kukanganwa kwechinguva State Emergency Committee, shandura maparamendi atinoda uye tarisa nemaoko kushanda:

# hostapd /etc/hostapd/hostapd.conf

hostapd ichatanga mune inopindirana modhi, kutepfenyura mamiriro ayo kune iyo console. Kana pasina zvikanganiso, saka vatengi vanotsigira AC modhi vanozokwanisa kubatana kune yekuwana nzvimbo. Kumisa hostapd - Ctrl-C.

Chasara ndechekugonesa hostapd mukutanga system. Kana iwe ukaita zvakajairwa chinhu (systemctl inogonesa hostapd), ipapo mushure meiyo inotevera reboot unogona kuwana dhimoni "rikunguruka muropa" nekuongororwa "interface wl0 haina kuwanikwa". Nekuda kwe "parallel chaos," hostapd yakatanga nekukurumidza kupfuura iyo kernel yakawana iyo isina waya adapta.

IInternet yakazara nemishonga: kubva panguva yekumanikidzwa isati yatanga daemon (maminetsi akati wandei), kune imwe daemon inotarisisa kutaridzika kweiyo interface uye (re) inotanga hostpad. Mhinduro dzacho dzinoshanda, asi dzakaipa zvikuru. Tinodaidza mukuru kuti atibatsire systemd ne "zvinangwa" uye "mabasa" uye "zvinotsamira".

Kopa faira rebasa rekugovera ku /etc/systemd/system/hostapd.service:

# cp -fv /usr/lib/systemd/system/hostapd.service /etc/systemd/system

uye kuderedza zviri mukati maro kune inotevera fomu:

[Unit]
Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
After=sys-subsystem-net-devices-wl0.device
BindsTo=sys-subsystem-net-devices-wl0.device

[Service]
Type=forking
PIDFile=/run/hostapd.pid
ExecStart=/usr/sbin/hostapd /etc/hostapd/hostapd.conf -P /run/hostapd.pid -B

[Install]
WantedBy=sys-subsystem-net-devices-wl0.device

Iwo mashiripiti eiyo yakagadziridzwa sevhisi faira iri mukusunga kwesimbapd kune chitsva chinangwa - iyo wl0 interface. Kana iyo interface ikabuda, daemon inotanga; kana yanyangarika, inomira. Uye izvi zvese zviri online - pasina reboot system. Iyi nzira ichanyanya kubatsira kana uchibatanidza USB Wi-Fi adapta kune Raspberry.

Iye zvino unogona:

# systemctl enable hostapd
# reboot

7. IPTABLES

"Chii???" © Hongu, hongu! Hapana systemd. Hapana newfangled inosanganiswa (mune fomu firewall), izvo zvinopedzisira zvaita chinhu chimwe chete.

Ngatishandise yakare yakanaka iptables, avo masevhisi, mushure mekutanga, achaisa mitemo yetiweki mu kernel uye akanyarara achivhara pasina kuramba achigara uye pasina kushandisa zviwanikwa. systemd ine inoyevedza IPMasquerade=, asi isu ticharamba tichipa shanduro yekero (NAT) uye firewall kune iptables.

Isa:

# yum install iptables-services
# systemctl enable iptables ip6tables

Ini ndinosarudza kuchengeta iyo iptables gadziriso sechinyorwa (muenzaniso):

#!/bin/bash

#
# Disable IPv6
#
ip6tables --flush
ip6tables --delete-chain

ip6tables --policy INPUT   DROP
ip6tables --policy FORWARD DROP
ip6tables --policy OUTPUT  DROP

ip6tables-save > /etc/sysconfig/ip6tables
systemctl restart ip6tables

#
# Cleaning
#
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

#
# Loopback, lan
#
iptables -A INPUT -i lo  -j ACCEPT
iptables -A INPUT -i lan -j ACCEPT

#
# Ping, Established
#
iptables -A INPUT -p icmp  --icmp-type echo-request    -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

#
# NAT
#
iptables -t nat -A POSTROUTING -o wan -j MASQUERADE

#
# Saving
#
iptables-save > /etc/sysconfig/iptables
systemctl restart iptables

Isu tinoshandisa script iri pamusoro uye tinorasikirwa nekukwanisa kumisikidza itsva waya SSH yekubatanidza neRaspberry. Ndizvozvo, takagadzira Wi-Fi router, kuwana iyo "kuburikidza neInternet" inorambidzwa nekusingaperi - ikozvino chete "pamusoro pemhepo". Isu tinobatanidza mupi weEthernet tambo uye tanga kusefa!

8. Bhonasi: +2,4GHz

Pandakaunganidza yekutanga Raspberry router ndichishandisa iyo dhizaini yatsanangurwa pamusoro, ndakawana akati wandei emagetsi mumba mangu ayo, nekuda kwekutadza kwavo kweWi-Fi dhizaini, aisakwanisa kuona "raspberry" zvachose. Kugadzirisazve router kuti ishande muna 802.11b/g/n yakanga isingasviki, sezvo kukurumidza kukuru "pamusoro pemhepo" munyaya iyi hakuna kudarika 40 Mbit, uye mupi weInternet wandinoda anondipa 100 (kuburikidza netambo).

Kutaura zvazviri, mhinduro yakanga yatogadzirwa: imwe Wi-Fi interface yechipiri inoshanda pa2,4 GHz uye imwe access point yechipiri. Pakiosk iri pedyo, handina kutenga yekutanga, asi yechipiri USB Wi-Fi dongle yandakawana. Mutengesi akanga achindinetsa nemibvunzo nezve chipset uye kushanda kwayo neARM cores. Linux uye nezve mukana wekushanda muAP mode (ndiye akatanga nayo).

Isu tinogadzirisa "muridzo" nekuenzanisa neiyo yakavakirwa-mukati Wi-Fi adapta.

Kutanga, ngatiipe zita rekuti wl1:

# cat /sys/class/net/wlan0/address 
b0:6e:bf:xx:xx:xx

/etc/systemd/network/wl1.link:

[Match]
MACAddress=b0:6e:bf:xx:xx:xx

[Link]
Name=wl1

Isu tichapa manejimendi eiyo itsva Wi-Fi interface kune yakaparadzana hostapd daemon, iyo inotanga nekumira zvichienderana nekuvapo kweiyo yakanyatsotsanangurwa "muridzo" muhurongwa: wl1.

Configuration file /etc/hostapd/hostapd2.conf:

ssid=rpi2
wpa_passphrase=1234567890

#channel=1
#channel=6
channel=11

interface=wl1
bridge=lan

driver=nl80211

auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP

macaddr_acl=0

hw_mode=g
wmm_enabled=1

# N
ieee80211n=1
require_ht=1
ht_capab=[HT40][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]

Zviri mukati meiyi faira zvakananga zvinoenderana nemuenzaniso weiyo USB Wi-Fi adapta, saka banal kopi / paste inogona kukutadza.

Kopa faira rebasa rekugovera ku /etc/systemd/system/hostapd2.service:

# cp -fv /usr/lib/systemd/system/hostapd.service /etc/systemd/system/hostapd2.service

uye kuderedza zviri mukati maro kune inotevera fomu:

[Unit]
Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
After=sys-subsystem-net-devices-wl1.device
BindsTo=sys-subsystem-net-devices-wl1.device

[Service]
Type=forking
PIDFile=/run/hostapd2.pid
ExecStart=/usr/sbin/hostapd /etc/hostapd/hostapd2.conf -P /run/hostapd2.pid -B

[Install]
WantedBy=sys-subsystem-net-devices-wl1.device

Chasara ndechekugonesa imwe nyowani yehostapd:

# systemctl enable hostapd2

Ndizvo zvose! Dhonza "muridzo" uye "raspberry" pachayo, tarisa mawaya asina waya akakupoteredza.

Uye pakupedzisira, ndinoda kukuyambira nezvemhando ye USB Wi-Fi adapta uye magetsi eiyo Raspberry. Yakabatanidzwa "kuridza muridzo" dzimwe nguva inogona kukonzera "raspberry kutonhora" nekuda kwematambudziko emagetsi enguva pfupi.

Source: www.habr.com

Tenga inovimbika yekutambira kwemasaiti ane DDoS dziviriro, VPS VDS maseva 🔥 Tenga webhusaiti yakavimbika ine dziviriro yeDDoS, maseva eVPS VDS | ProHoster